US8051297B2 | Active | Utility | PatentIndex 84

Method for binding a security element to a mobile device

Assignee: DIVERSINET CORP
Priority: Nov 28, 2006
Filed: Nov 28, 2006
Granted: Nov 1, 2011
Est. expiry: Nov 28, 2026 (~0.4 yrs left), nominal 20-yr term from priority
Inventors: MACHANI SALAH
H04L 9/3228, H04L 2209/80, H04L 9/0866, H04L 2209/56, H04L 9/0822

PatentIndex Score: 84
Cited by: 12
References: 16
Claims: 18

Abstract

According to an aspect of the present invention there is provided a method of binding a security element to a device, comprising: generating a passkey to encrypt the security element, the passkey being a combination of attributes, and one of the attributes being a Device ID associated with said device. Preferably, the device is a mobile device. The combination of attributes may include the following: a) a build secret, the build secret consisting of a string which is generated when the software application is created; b) a salt, the salt consisting of a random string; wherein the build string and the salt are stored as non-printable strings within encryption code of the passkey.

Claims

exact text as granted — not AI-modified
1. A method of binding a security element to a device, comprising:
 a) generating a build secret comprising a random string that is generated when a software application is created and stored as at least one non-printable string within code of said software application;
 b) generating a passkey to encrypt said security element on said device, said passkey being a combination of attributes associated with said device, wherein said attributes include a Device ID and said build secret;
 c) encrypting said security element on said device using said passkey; and
 d) retrieving said Device ID from said device as part of decrypting said security element.

2. The method of claim 1, wherein said device is a mobile device.

3. The method of claim 2, wherein said Device ID is one of: a serial number; an IMEI (International Mobile Equipment Identity) number; a digest or hash value derived from a phone number; or a digest or hash value derived from an email address.

4. The method of claim 1, wherein said combination of attributes additionally includes one or more of the following attributes:
 a) a salt, said salt consisting of a random string;
 b) a user passphrase, said user passphrase consisting of a string input by the user;
 c) an application ID associated with a program used by said device;
 d) a network ID associated with a network service provider used by said mobile device.

5. The method of claim 4, wherein said user passphrase is used as an attribute and decryption of said security element requires input of said user passphrase.

6. The method of claim 4, wherein said Device ID is one of: a serial number; an IMEI (International Mobile Equipment Identity) number; a digest or hash value derived from a phone number; or a digest or hash value derived from an email address.

7. The method of claim 1, wherein said security element is an OTP (One Time Password) credential for use with a secure server.

8. The method of claim 7, wherein said Device ID is one of: a serial number; an IMEI (International Mobile Equipment Identity) number; a digest or hash value derived from a phone number; or a digest or hash value derived from an email address.

9. The method of claim 1, wherein said random string is segmented into non-printable strings that are stored in different parts of said code of said software application.

10. The method of claim 9, wherein said Device ID is one of: a serial number; an IMEI (International Mobile Equipment Identity) number; a digest or hash value derived from a phone number; or a digest or hash value derived from an email address.

11. The method of claim 1, wherein said Device ID is one of: a serial number; an IMEI (International Mobile Equipment Identity) number; a digest or hash value derived from a phone number; or a digest or hash value derived from an email address.

12. A method of supplying a software application for encrypting a security element using the method in claim 1.

13. A method of supplying a software application for encrypting a security element using the method in claim 2.

14. A method of supplying a software application for encrypting a security element using the method in claim 4.

15. A method of supplying a software application for encrypting a security element using the method in claim 7.

16. A method of supplying a software application for encrypting a security element using the method in claim 5.

17. A method of supplying a software application for encrypting a security element using the method in claim 9.

18. A method of supplying a software application for encrypting a security element using the method in claim 11.
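
The following Python example is added here to illustrate claims 1, 4, 5 and 9; it is not code from the patent or from its assignee. The PBKDF2 derivation, the HMAC-based stand-in cipher, all byte values and the `read_device_id` callback are assumptions of the example.

```python
import hashlib, hmac, secrets, struct

# Constructed values. The build secret is split into non-printable segments
# (claim 9); the salt sits in the code as well, as the abstract describes.
_SEG_A, _SEG_B = b"\x01\x9f\x13\xe2\x07\xb4", b"\x1c\x88\x02\xfd\x15\xa0"
_SALT = b"\x0e\xc1\x7f\x11\x93\x05\xaa\x16"

def _pack(*attrs):
    # Length-prefix every attribute so ("ab", "c") and ("a", "bc") differ.
    return b"".join(struct.pack(">I", len(a)) + a for a in attrs)

def derive_passkey(device_id, passphrase=b"", app_id=b""):
    # Passkey = KDF over build secret, Device ID and optional attributes.
    # PBKDF2 is this example's choice; the claims do not name a function.
    material = _pack(_SEG_A + _SEG_B, device_id, passphrase, app_id)
    return hashlib.pbkdf2_hmac("sha256", material, _SALT, 100_000, dklen=64)

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real AEAD cipher.
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(element, device_id, passphrase=b""):
    key = derive_passkey(device_id, passphrase)   # 32 B cipher key + 32 B MAC key
    nonce = secrets.token_bytes(16)
    ct = _xor(element, _keystream(key[:32], nonce, len(element)))
    tag = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(blob, read_device_id, passphrase=b""):
    # Claim 1(d): the Device ID is read from the device at decryption time,
    # never stored with the blob. read_device_id is a hypothetical callback.
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    key = derive_passkey(read_device_id(), passphrase)
    expected = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("passkey mismatch: wrong device, passphrase or build")
    return _xor(ct, _keystream(key[:32], nonce, len(ct)))

if __name__ == "__main__":
    blob = seal(b"otp-seed-constructed", b"000000000000000", b"1234")
    print(unseal(blob, lambda: b"000000000000000", b"1234"))
```

A sealed blob copied to a device that reports a different Device ID, or opened with a different passphrase, fails the tag check in `unseal` before any plaintext is produced.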

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.